package com.cxx.purchasecharge.component.controller.usersecurity;

import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.cxx.purchasecharge.component.bean.ActionResult;
import com.cxx.purchasecharge.component.bean.ActionResult.ActionResultStatus;
import com.cxx.purchasecharge.component.utils.AjaxUtils;
import com.cxx.purchasecharge.component.utils.ComponentConstants;
import com.cxx.purchasecharge.component.utils.MessageProperties;
import com.cxx.purchasecharge.core.config.PurchaseChargeProperties;
import com.cxx.purchasecharge.dal.UserDao;

@Controller
@RequestMapping ("/password")
public class PasswordManager
{
    private static final Logger logger = Logger.getLogger (PasswordManager.class);

    @Autowired
    private UserDao userDao;

    @RequestMapping (value = "/updatePassword", method = RequestMethod.POST)
    public @ResponseBody
    String updatePassword (@RequestParam String userId, @RequestParam String newPwd)
    {
        if (StringUtils.isNotBlank (userId) && StringUtils.isNotBlank (newPwd))
        {
            ActionResult ar = ActionResult.createActionResult ().build ();
            try
            {
                userDao.updatePassword (userId, newPwd);
                ar = ActionResult.ok ()
                                 .withMessage (MessageProperties.getConfigFormatted (ComponentConstants.GENERIC_MSG_UPDATE_SUCCESS,
                                                                                       ComponentConstants.MSG_PASSWORD))
                                 .build ();
            }
            catch (Exception e)
            {
                logger.warn ("Update password failed. (userId=" + userId + "), " + e.getMessage ());
                ar = ActionResult.serverError ()
                                 .withMessage (MessageProperties.getConfigFormatted (ComponentConstants.GENERIC_MSG_UPDATE_FAIL,
                                                                                       ComponentConstants.MSG_PASSWORD))
                                 .build ();
            }
            return AjaxUtils.getJsonObject (ar);
        }
        else
        {
            logger.error (ActionResultStatus.BAD_REQUEST);
            ActionResult ar = ActionResult.badRequest ()
                                          .withMessage (MessageProperties.getConfig (ComponentConstants.GENERIC_MSG_REQUEST_ARGS_ERROR))
                                          .build ();
            return AjaxUtils.getJsonObject (ar);
        }

    }

    @RequestMapping (value = "/resetPassword", method = RequestMethod.POST)
    public @ResponseBody
    String resetPassword (@RequestParam String userId)
    {
        if (StringUtils.isNotBlank (userId))
        {
            ActionResult ar = ActionResult.createActionResult ().build ();
            try
            {
                userDao.updatePassword (userId, PurchaseChargeProperties.getDefaultPassword ());
                ar = ActionResult.ok ()
                                 .withMessage (MessageProperties.getConfig (ComponentConstants.RESET_PWD_SUCCESS))
                                 .build ();
            }
            catch (Exception e)
            {
                logger.warn ("Update password failed. (userId=" + userId + "), " + e.getMessage ());
                ar = ActionResult.serverError ()
                                 .withMessage (MessageProperties.getConfig (ComponentConstants.RESET_PWD_FAIL))
                                 .build ();
            }
            return AjaxUtils.getJsonObject (ar);
        }
        else
        {
            logger.error (ActionResultStatus.BAD_REQUEST);
            ActionResult ar = ActionResult.badRequest ()
                                          .withMessage (MessageProperties.getConfig (ComponentConstants.GENERIC_MSG_REQUEST_ARGS_ERROR))
                                          .build ();
            return AjaxUtils.getJsonObject (ar);
        }

    }

    @RequestMapping (value = "/checkOldPassword", method = RequestMethod.POST)
    public @ResponseBody
    String checkOldPassword (@RequestParam String userId, @RequestParam String oldPwd)
    {
        if (StringUtils.isNotBlank (userId) && StringUtils.isNotBlank (oldPwd))
        {
            if (null != userDao.findByUserIdAndPwd (userId, oldPwd))
            {
                return "true";
            }
        }

        return "false";
    }

    @RequestMapping (value = "/")
    public String redirectToPasswordManagement (ModelMap model)
    {
        return "passwordManagement";
    }

}
